Skip to content

Commit

Permalink
fix: pom.xml to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMMONSCODEC-561518
  • Loading branch information
@snyk-bot
snyk-bot committed Aug 20, 2024
1 parent 182bfd4 commit ef1aa6a
Showing 1 changed file with 43 additions and 43 deletions.
86 changes: 43 additions & 43 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
<jersey.version>2.14</jersey.version>
<SqlRender.version>1.9.0</SqlRender.version>
<hive-jdbc.version>3.1.2</hive-jdbc.version>
<pac4j.version>4.0.0</pac4j.version>
<pac4j.version>5.0.0</pac4j.version>
<jackson.version>2.10.5</jackson.version>
<jackson.databind.version>2.10.5.1</jackson.databind.version>
<start-class>org.ohdsi.webapi.WebApi</start-class>
Expand Down Expand Up @@ -68,7 +68,7 @@
<!-- Person properties -->
<person.viewDates>false</person.viewDates>
<!-- Full Text Search With SOLR Settings -->
<solr.endpoint></solr.endpoint>
<solr.endpoint/>
<solr.query.prefix>{!complexphrase inOrder=true}</solr.query.prefix>
<solr.version>8.6.3</solr.version>
<!-- Heracles properties -->
Expand All @@ -77,7 +77,7 @@
<!-- Kerberos properties -->
<kerberos.timeout>60</kerberos.timeout>
<kerberos.configPath>/etc/krb5.conf</kerberos.configPath>
<kerberos.kinitPath></kerberos.kinitPath>
<kerberos.kinitPath/>

<spring.batch.repository.tableprefix>${datasource.ohdsi.schema}.BATCH_</spring.batch.repository.tableprefix>
<spring.batch.repository.isolationLevelForCreate>ISOLATION_READ_COMMITTED</spring.batch.repository.isolationLevelForCreate>
Expand All @@ -91,36 +91,36 @@
<security.oauth.callback.api>http://localhost:8080/WebAPI/user/oauth/callback</security.oauth.callback.api>
<!-- Available options for callback urlResolver are: query and path -->
<security.oauth.callback.urlResolver>query</security.oauth.callback.urlResolver>
<security.oauth.google.apiKey></security.oauth.google.apiKey>
<security.oauth.google.apiSecret></security.oauth.google.apiSecret>
<security.oauth.facebook.apiKey></security.oauth.facebook.apiKey>
<security.oauth.facebook.apiSecret></security.oauth.facebook.apiSecret>
<security.oauth.github.apiKey></security.oauth.github.apiKey>
<security.oauth.github.apiSecret></security.oauth.github.apiSecret>
<security.oid.clientId></security.oid.clientId>
<security.oid.apiSecret></security.oid.apiSecret>
<security.oid.url></security.oid.url>
<security.oid.logoutUrl></security.oid.logoutUrl>
<security.oauth.google.apiKey/>
<security.oauth.google.apiSecret/>
<security.oauth.facebook.apiKey/>
<security.oauth.facebook.apiSecret/>
<security.oauth.github.apiKey/>
<security.oauth.github.apiSecret/>
<security.oid.clientId/>
<security.oid.apiSecret/>
<security.oid.url/>
<security.oid.logoutUrl/>
<security.oid.redirectUrl>http://localhost/index.html#/welcome/</security.oid.redirectUrl>
<security.kerberos.spn></security.kerberos.spn>
<security.kerberos.keytabPath></security.kerberos.keytabPath>
<security.kerberos.spn/>
<security.kerberos.keytabPath/>
<security.ldap.dn>cn={0},dc=example,dc=org</security.ldap.dn>
<security.ldap.url>ldap://localhost:389</security.ldap.url>
<security.ldap.baseDn></security.ldap.baseDn>
<security.ldap.system.username></security.ldap.system.username>
<security.ldap.system.password></security.ldap.system.password>
<security.ldap.baseDn/>
<security.ldap.system.username/>
<security.ldap.system.password/>
<security.ldap.searchString>(&amp;(objectClass=person)(CN={0}))</security.ldap.searchString>
<security.ldap.userMapping.displaynameAttr>displayName</security.ldap.userMapping.displaynameAttr>
<security.ldap.userMapping.firstnameAttr>givenName</security.ldap.userMapping.firstnameAttr>
<security.ldap.userMapping.middlenameAttr>initials</security.ldap.userMapping.middlenameAttr>
<security.ldap.userMapping.lastnameAttr>sn</security.ldap.userMapping.lastnameAttr>
<security.ldap.userMapping.usernameAttr>cn</security.ldap.userMapping.usernameAttr>
<security.ldap.searchBase>CN=Users,DC=example,DC=org</security.ldap.searchBase>
<security.ad.url></security.ad.url>
<security.ad.url/>
<security.ad.searchBase>CN=Users,DC=example,DC=org</security.ad.searchBase>
<security.ad.principalSuffix>@example.org</security.ad.principalSuffix>
<security.ad.system.username></security.ad.system.username>
<security.ad.system.password></security.ad.system.password>
<security.ad.system.username/>
<security.ad.system.password/>
<security.ad.searchFilter>(&amp;(objectClass=person)(cn=%s))</security.ad.searchFilter>
<security.ad.ignore.partial.result.exception>true</security.ad.ignore.partial.result.exception>
<security.ad.result.count.limit>30000</security.ad.result.count.limit> <!-- 0 means no limit -->
Expand All @@ -132,10 +132,10 @@
<security.ad.userMapping.lastnameAttr>sn</security.ad.userMapping.lastnameAttr>
<security.ad.userMapping.usernameAttr>cn</security.ad.userMapping.usernameAttr>

<security.cas.loginUrl></security.cas.loginUrl>
<security.cas.callbackUrl></security.cas.callbackUrl>
<security.cas.serverUrl></security.cas.serverUrl>
<security.cas.cassvcs></security.cas.cassvcs>
<security.cas.loginUrl/>
<security.cas.callbackUrl/>
<security.cas.serverUrl/>
<security.cas.cassvcs/>
<security.cas.casticket>casticket</security.cas.casticket>

<security.db.datasource.schema>${datasource.ohdsi.schema}</security.db.datasource.schema>
Expand All @@ -147,8 +147,8 @@
<security.db.datasource.authenticationQuery>select password from ${security.db.datasource.schema}.users where lower(email) = lower(?)</security.db.datasource.authenticationQuery>
<use.single.connect.datasource.for.testing>true</use.single.connect.datasource.for.testing>

<security.googleIap.cloudProjectId></security.googleIap.cloudProjectId>
<security.googleIap.backendServiceId></security.googleIap.backendServiceId>
<security.googleIap.cloudProjectId/>
<security.googleIap.backendServiceId/>
<security.google.accessToken.enabled>false</security.google.accessToken.enabled>

<security.cors.enabled>true</security.cors.enabled>
Expand All @@ -157,15 +157,15 @@
<security.duration.increment>10</security.duration.increment>

<security.saml.enabled>false</security.saml.enabled>
<security.saml.entityId></security.saml.entityId>
<security.saml.idpMetadataLocation></security.saml.idpMetadataLocation>
<security.saml.keyManager.keyStoreFile></security.saml.keyManager.keyStoreFile>
<security.saml.keyManager.storePassword></security.saml.keyManager.storePassword>
<security.saml.keyManager.defaultKey></security.saml.keyManager.defaultKey>
<security.saml.keyManager.passwords.arachnenetwork></security.saml.keyManager.passwords.arachnenetwork>
<security.saml.metadataLocation></security.saml.metadataLocation>
<security.saml.callbackUrl></security.saml.callbackUrl>
<security.saml.sloUrl></security.saml.sloUrl>
<security.saml.entityId/>
<security.saml.idpMetadataLocation/>
<security.saml.keyManager.keyStoreFile/>
<security.saml.keyManager.storePassword/>
<security.saml.keyManager.defaultKey/>
<security.saml.keyManager.passwords.arachnenetwork/>
<security.saml.metadataLocation/>
<security.saml.callbackUrl/>
<security.saml.sloUrl/>
<security.saml.maximumAuthenticationLifetime>60</security.saml.maximumAuthenticationLifetime>

<security.auth.windows.enabled>true</security.auth.windows.enabled>
Expand All @@ -189,9 +189,9 @@

<!-- EMBEDDED SERVER CONFIGURATION (ServerProperties) -->
<server.port>8080</server.port>
<server.ssl.key-store></server.ssl.key-store>
<server.ssl.key-store-password></server.ssl.key-store-password>
<server.ssl.key-password></server.ssl.key-password>
<server.ssl.key-store/>
<server.ssl.key-store-password/>
<server.ssl.key-password/>
<server.servlet.context-path>/WebAPI</server.servlet.context-path>

<arachne.version>1.17.2</arachne.version>
Expand All @@ -201,14 +201,14 @@
<execution.status.period>10000</execution.status.period>
<executionengine.url>https://localhost:8888/api/v1/analyze</executionengine.url>
<executionengine.token>Basic YWRtaW5Ab2R5c3NldXNpbmMuY29tOnBhc3N3b3Jk</executionengine.token>
<executionengine.resultExclusions></executionengine.resultExclusions>
<executionengine.resultExclusions/>
<executionengine.updateStatusCallback>http://localhost:8080/WebAPI/executionservice/callbacks/submission/{id}/status/update/{password}</executionengine.updateStatusCallback>
<executionengine.resultCallback>http://localhost:8080/WebAPI/executionservice/callbacks/submission/{id}/result/{password}</executionengine.resultCallback>
<analysis.result.zipVolumeSizeMb>100</analysis.result.zipVolumeSizeMb>

<!-- PASSWORD ENCRYPTION -->
<jasypt.encryptor.enabled>false</jasypt.encryptor.enabled>
<jasypt.encryptor.password></jasypt.encryptor.password>
<jasypt.encryptor.password/>
<jasypt.encryptor.algorithm>PBEWithMD5AndDES</jasypt.encryptor.algorithm>

<!-- ORGANIZATION SETTINGS -->
Expand All @@ -233,8 +233,8 @@
<spring.batch.taskExecutor.corePoolSize>10</spring.batch.taskExecutor.corePoolSize>
<spring.batch.taskExecutor.maxPoolSize>20</spring.batch.taskExecutor.maxPoolSize>
<spring.batch.taskExecutor.queueCapacity>2147483647</spring.batch.taskExecutor.queueCapacity>
<spring.batch.taskExecutor.threadGroupName></spring.batch.taskExecutor.threadGroupName>
<spring.batch.taskExecutor.threadNamePrefix></spring.batch.taskExecutor.threadNamePrefix>
<spring.batch.taskExecutor.threadGroupName/>
<spring.batch.taskExecutor.threadNamePrefix/>

<!-- Sensitive Info settings -->
<sensitiveinfo.admin.role>admin</sensitiveinfo.admin.role>
Expand Down

0 comments on commit ef1aa6a

Please sign in to comment.